免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
12
最近访问板块 发新帖
楼主: chensail

[故障求助] 关于AIX中ssh密码正确无法登陆的问题 [复制链接]

论坛徽章:
0
发表于 2011-07-19 11:33 |显示全部楼层
接上一段

debug1: userauth-request for user informix service ssh-connection method none
debug1: attempt 0 failures 0
debug3: mm_getpwnamallow entering
debug3: mm_request_send entering: type 6
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM
debug3: monitor_read: checking request 6
debug3: mm_request_receive_expect entering: type 7
debug3: mm_answer_pwnamallow
debug3: mm_request_receive entering
debug3: AIX/loginrestrictions returned 0 msg (none)
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug2: input_userauth_request: setting up authctxt for informix
debug3: mm_request_receive entering
debug3: mm_start_pam entering
debug3: mm_request_send entering: type 45
debug3: mm_inform_authserv entering
debug3: monitor_read: checking request 45
debug3: mm_request_send entering: type 3
debug1: PAM: initializing for "informix"
debug2: input_userauth_request: try method none
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug3: Trying to reverse map address xxx.xxx.xxx.xxx.
debug1: PAM: setting PAM_RHOST to "vss1atmp1adm"
debug2: monitor_read: 45 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 3
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 3 used once, disabling now
debug3: mm_request_receive entering
debug3: monitor_read: checking request 10
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_send entering: type 11
debug3: mm_auth_password: user not authenticated
Failed none for informix from xxx.xxx.xxx.xxx port 49165 ssh2
debug3: mm_request_receive entering
Failed none for informix from xxx.xxx.xxx.xxx port 49165 ssh2
debug1: userauth-request for user informix service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive devs
debug1: auth2_challenge: user=informix devs=
debug1: kbdint_alloc: devices 'pam'  ------------------------注意这里,我看到正常的是kbdint_alloc: devices '',不知道怎么取消pam认证。UsePAM没用
debug2: auth2_challenge_start: devices pam
debug2: kbdint_next_device: devices <empty>
debug1: auth2_challenge_start: trying authentication method 'pam'
debug3: mm_sshpam_init_ctx
debug3: mm_request_send entering: type 48
debug3: mm_sshpam_init_ctx: waiting for MONITOR_ANS_PAM_INIT_CTX
debug3: monitor_read: checking request 48
debug3: mm_request_receive_expect entering: type 49
debug3: mm_answer_pam_init_ctx
debug3: mm_request_receive entering
debug3: PAM: sshpam_init_ctx entering
debug3: mm_request_send entering: type 49
debug3: mm_sshpam_query
debug3: mm_request_send entering: type 50
debug3: mm_request_receive entering
debug3: mm_sshpam_query: waiting for MONITOR_ANS_PAM_QUERY
debug3: monitor_read: checking request 50
debug3: mm_request_receive_expect entering: type 51
debug3: mm_answer_pam_query
debug3: mm_request_receive entering
debug3: PAM: sshpam_query entering
debug3: ssh_msg_recv entering
debug3: ssh_msg_send: type 9
debug3: PAM: PAM_AUTH_ERR
PAM: Authentication failed for informix from vss1atmp1adm
debug3: mm_request_send entering: type 51
debug3: mm_sshpam_query: pam_query returned -1
debug3: mm_request_receive entering
debug3: mm_sshpam_free_ctx
debug3: mm_request_send entering: type 54
debug3: mm_sshpam_free_ctx: waiting for MONITOR_ANS_PAM_FREE_CTX
debug3: mm_request_receive_expect entering: type 55
debug3: mm_request_receive entering
debug3: monitor_read: checking request 54
debug3: mm_answer_pam_free_ctx
debug3: PAM: sshpam_free_ctx entering
debug3: PAM: sshpam_thread_cleanup entering
debug3: mm_request_send entering: type 55
debug2: monitor_read: 54 used once, disabling now
Failed keyboard-interactive for informix from xxx.xxx.xxx.xxx port 49165 ssh2
Failed none for informix from xxx.xxx.xxx.xxx port 49165 ssh2
debug3: Trying to reverse map address xxx.xxx.xxx.xxx.
debug3: mm_request_receive entering
debug1: userauth-request for user informix service ssh-connection method password
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method password
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: monitor_read: checking request 10
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug1: PAM: password authentication failed for informix: Authentication failed
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_send entering: type 11
Failed password for informix from xxx.xxx.xxx.xxx port 49165 ssh2
debug3: mm_auth_password: user not authenticated
Failed password for informix from xxx.xxx.xxx.xxx port 49165 ssh2
debug3: AIX/setauthdb set registry 'files'
debug3: aix_restoreauthdb: restoring old registry ''
debug3: mm_request_receive entering

论坛徽章:
49
15-16赛季CBA联赛之福建
日期:2016-06-22 16:22:002015年亚洲杯之中国
日期:2015-01-23 16:25:12丑牛
日期:2015-01-20 09:39:23未羊
日期:2015-01-14 23:55:57巳蛇
日期:2015-01-06 18:21:36双鱼座
日期:2015-01-02 22:04:33午马
日期:2014-11-25 09:58:35辰龙
日期:2014-11-18 10:40:07寅虎
日期:2014-11-13 22:47:15申猴
日期:2014-10-22 15:29:50摩羯座
日期:2014-08-27 10:49:43辰龙
日期:2014-08-21 10:47:58
发表于 2011-07-19 11:49 |显示全部楼层
还有一段,我们系统自动过滤了,我帮这位兄弟贴上来,非常抱歉

我贴一下/usr/sbin/sshd -ddd 注意看我用的是informix用户 分两段/usr/sbin/sshd -ddd debug2: load_server_config: filename /etc/ssh/sshd_configdebug2: load_server_config: done config len = 142debug2: parse_server_config: config /etc/ssh/sshd_config len 142debug1: sshd version OpenSSH_4.3p2debug1: private host key: #0 type 0 RSA1debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.debug1: read PEM private key done: type RSAdebug1: private host key: #1 type 1 RSAdebug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.debug1: read PEM private key done: type DSAdebug1: private host key: #2 type 2 DSAdebug1: rexec_argv[0]='/usr/sbin/sshd'debug1: rexec_argv[1]='-ddd'debug2: fd 3 setting O_NONBLOCKdebug1: Bind to port 22 on 0.0.0.0.Server listening on 0.0.0.0 port 22.Generating 768 bit RSA key.RSA key generation complete.debug1: fd 4 clearing O_NONBLOCKdebug1: Server will not fork when running in debugging mode.debug3: send_rexec_state: entering fd = 7 config len 142debug3: ssh_msg_send: type 0debug3: send_rexec_state: donedebug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7debug1: inetd sockets after dupping: 3, 3Connection from xxx.xxx.xxx.xxx port 49165debug1: Client protocol version 2.0; client software version OpenSSH_4.3debug1: match: OpenSSH_4.3 pat OpenSSH*debug1: Enabling compatibility mode for protocol 2.0debug1: Local version string SSH-1.99-OpenSSH_4.3debug3: Value for authType is PAM_AUTHdebug1: Failed dlopen: /usr/krb5/lib/libkrb5.a(libkrb5.a.so): 0509-022 Cannot load module /usr/krb5/lib/libkrb5.a(libkrb5.a.so). 0509-026 System error: A file or directory in the path name does not exist.debug1: Error loading Kerberos, disabling Kerberos auth.debug2: fd 3 setting O_NONBLOCKdebug2: Network child is on pid 975278debug3: preauth child monitor starteddebug3: mm_request_receive enteringdebug3: privsep user:group 202:201debug1: permanently_set_uid: 202/201debug1: list_hostkey_types: ssh-rsa,ssh-dssdebug1: SSH2_MSG_KEXINIT sentdebug1: SSH2_MSG_KEXINIT receiveddebug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1debug2: kex_parse_kexinit: ssh-rsa,ssh-dssdebug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctrdebug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctrdebug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: none,zlib@openssh.comdebug2: kex_parse_kexinit: none,zlib@openssh.comdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1debug2: kex_parse_kexinit: ssh-rsa,ssh-dssdebug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctrdebug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctrdebug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: none,zlib@openssh.com,zlibdebug2: kex_parse_kexinit: none,zlib@openssh.com,zlibdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: mac_init: found hmac-md5debug1: kex: client->server aes128-cbc hmac-md5 nonedebug2: mac_init: found hmac-md5debug1: kex: server->client aes128-cbc hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST receiveddebug3: mm_request_send entering: type 0debug3: mm_choose_dh: waiting for MONITOR_ANS_MODULIdebug3: monitor_read: checking request 0debug3: mm_request_receive_expect entering: type 1debug3: mm_answer_moduli: got parameters: 1024 1024 8192debug3: mm_request_receive enteringdebug3: mm_request_send entering: type 1debug2: monitor_read: 0 used once, disabling nowdebug3: mm_choose_dh: remaining 0debug3: mm_request_receive enteringdebug1: SSH2_MSG_KEX_DH_GEX_GROUP sentdebug2: dh_gen_key: priv key bits set: 135/256debug2: bits set: 524/1024debug1: expecting SSH2_MSG_KEX_DH_GEX_INITdebug2: bits set: 531/1024debug3: mm_key_sign enteringdebug3: mm_request_send entering: type 4debug3: mm_key_sign: waiting for MONITOR_ANS_SIGNdebug3: monitor_read: checking request 4debug3: mm_request_receive_expect entering: type 5debug3: mm_answer_signdebug3: mm_request_receive enteringdebug3: mm_answer_sign: signature 20055a18(271)debug3: mm_request_send entering: type 5debug2: monitor_read: 4 used once, disabling nowdebug1: SSH2_MSG_KEX_DH_GEX_REPLY sentdebug3: mm_request_receive enteringdebug2: kex_derive_keysdebug2: set_newkeys: mode 1debug1: SSH2_MSG_NEWKEYS sentdebug1: expecting SSH2_MSG_NEWKEYSdebug2: set_newkeys: mode 0debug1: SSH2_MSG_NEWKEYS receiveddebug1: KEX done

论坛徽章:
1
2015年亚洲杯之沙特阿拉伯
日期:2015-04-10 13:59:00
发表于 2011-07-19 17:57 |显示全部楼层
#PermitRootLogin yes
把这个注释给去掉!~

论坛徽章:
0
发表于 2011-07-20 09:54 |显示全部楼层
1.不是用root登陆
2. #表示默认的模式,即ssh默认root是可以登陆的
3. 我把#PermitRootLogin yes 注释去掉了还是一样
一直不明白为什么永远认证失败呢?
我看了官网以为是字母编码的问题,但是我把密码置空了还是一样的
PAM: password authentication failed for test: Authentication failed

ps  谢谢管理员,那段我贴了好几遍了

论坛徽章:
1
天秤座
日期:2013-10-23 13:20:42
发表于 2011-07-21 15:51 |显示全部楼层
1.telnet那个机器上
2.ssh 127.0.0.1 -l username  --看是否ok
3.ls -al ~|grep ssh  --如果哟返回值
   cd
   rm -fr .ssh
   再次 ssh 127.0.0.1 -l username 尝试

论坛徽章:
0
发表于 2011-07-21 16:13 |显示全部楼层
问题解决了,是第三方认证软件的问题,所有的认证都必须从他那边过,太霸道了
必须这么设:
PasswordAuthentication no
UsePam  yes
然后在第三方软件的配置文件上还要设置

多谢各位陪我一起解决问题

//bow

论坛徽章:
0
发表于 2013-06-16 11:55 |显示全部楼层
回复 21# chensail


    你这个第三方认证软件是怎么回事?

论坛徽章:
0
发表于 2013-08-29 14:36 |显示全部楼层
回复 1# chensail
我看十有八九是你的网线没插好吧~

   

论坛徽章:
1
数据库技术版块每日发帖之星
日期:2016-07-22 06:20:00
发表于 2014-10-15 16:38 |显示全部楼层
此类问题往往是小的错误导致的,请楼主仔细检查配置过程。

论坛徽章:
0
发表于 2019-05-29 13:34 |显示全部楼层
让同样的问题折磨了一天
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

DTCC2020中国数据库技术大会 限时8.5折

【架构革新 高效可控】2020年8月17日~19日第十一届中国数据库技术大会将在北京隆重召开。

大会设置2大主会场,20+技术专场,将邀请超百位行业专家,重点围绕数据架构、AI与大数据、传统企业数据库实践和国产开源数据库等内容展开分享和探讨,为广大数据领域从业人士提供一场年度盛会和交流平台。

http://dtcc.it168.com


大会官网>>
  

北京盛拓优讯信息技术有限公司. 版权所有 16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122
中国互联网协会会员  联系我们:huangweiwei@it168.com
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP